Cybercriminals Leak Millions of Records in “Free Leakmas” Campaign During the Holiday Season

The holiday season is usually a time of joy and celebration, but for cybercriminals, it presented an opportunity to carry out their nefarious activities. In the days leading up to Christmas, a staggering 50 million records containing sensitive personal information were leaked by these threat actors. These leaks, primarily found on the Dark Web, were labeled “Free Leaksmas,” indicating that the criminals were sharing their data as a gesture of mutual gratitude among their ilk.

“Free Leaksmas” campaign on the Dark Web

The Dark Web served as the platform for cybercriminals to exchange and share compromised data during the holiday season. The “Free Leaksmas” campaign demonstrated a peculiar form of camaraderie among these threat actors. It is believed that by sharing their stolen data, they were expressing gratitude towards one another and establishing an environment of trust within their criminal network. As part of the campaign, underground shops offering compromised accounts on online banking and ecommerce platforms even provided substantial discounts, with markdowns reaching up to 40%.

Data dumps from various breaches

Several major data breaches contributed to the “Free Leaksmas” campaign, resulting in significant record leaks. One of the most prominent dumps came from a breach at Peruvian telecom provider Movistar, where a staggering 22 million records containing customer phone numbers and identification numbers were compromised. This breach is concerning as it exposes a vast amount of personal information that could potentially be exploited for various malicious purposes.

In addition to the Movistar breach, other notable Leaksmas datasets emerged from breaches at a Vietnamese fashion retailer and a French company. Both of these breaches yielded millions of records, further fueling concerns about the extent of personal data available to cybercriminals.

Revisiting older incidents

Interestingly, some of the leaked data appeared to originate from older incidents that had resurfaced. One such incident was the rumored breach of the Swedish fintech company Klarna in 2022. It is clear that cybercriminals are not only focused on recent breaches but also revisiting past incidents to exploit any remaining vulnerabilities and retrieve valuable data.

Notable threat actors involved

Several known threat actor groups have been identified as participating in the “Free Leaksmas” campaign. One such group is SeigedSec, a pro-Iranian entity that has previously targeted critical infrastructure and industrial control systems environments in Israel. Their involvement in sharing compromised data during the holiday break raises concerns over potential future attacks on critical systems.

Another group involved in the Leaksmas campaign is the hacktivist alliance known as the “Five Families.” This group claimed responsibility for stealing records from a large Chinese clothing store due to its alleged abusive labor practices and government connections. The motivations behind their actions highlight the intersection between cybercrime and activism.

Discounts and Focus on Stolen Credit Card Data

As digital identity remains a primary focus for cybercriminals, those selling stolen credit card data and related services offer attractive discounts to entice new buyers. Cybercriminals recognize the lucrative nature of stolen credit card information and the potential for financial gain. By offering discounts, they seek to expand their customer base and increase the demand for stolen data.

The “Free Leaksmas” campaign conducted by cybercriminals during the holiday season resulted in a massive influx of leaked personal data. The collaboration and data sharing observed among these threat actors signifies the existence of a robust criminal network. With notable threat actors and the abundance of compromised accounts and credit card information, the importance of data security cannot be stressed enough. As we move forward, it is crucial for individuals and organizations to remain vigilant and implement robust cybersecurity measures to protect against such breaches and safeguard sensitive information.

Explore more

Revolutionizing SaaS with Customer Experience Automation

Imagine a SaaS company struggling to keep up with a flood of customer inquiries, losing valuable clients due to delayed responses, and grappling with the challenge of personalizing interactions at scale. This scenario is all too common in today’s fast-paced digital landscape, where customer expectations for speed and tailored service are higher than ever, pushing businesses to adopt innovative solutions.

Trend Analysis: AI Personalization in Healthcare

Imagine a world where every patient interaction feels as though the healthcare system knows them personally—down to their favorite sports team or specific health needs—transforming a routine call into a moment of genuine connection that resonates deeply. This is no longer a distant dream but a reality shaped by artificial intelligence (AI) personalization in healthcare. As patient expectations soar for

Trend Analysis: Digital Banking Global Expansion

Imagine a world where accessing financial services is as simple as a tap on a smartphone, regardless of where someone lives or their economic background—digital banking is making this vision a reality at an unprecedented pace, disrupting traditional financial systems by prioritizing accessibility, efficiency, and innovation. This transformative force is reshaping how millions manage their money. In today’s tech-driven landscape,

Trend Analysis: AI-Driven Data Intelligence Solutions

In an era where data floods every corner of business operations, the ability to transform raw, chaotic information into actionable intelligence stands as a defining competitive edge for enterprises across industries. Artificial Intelligence (AI) has emerged as a revolutionary force, not merely processing data but redefining how businesses strategize, innovate, and respond to market shifts in real time. This analysis

What’s New and Timeless in B2B Marketing Strategies?

Imagine a world where every business decision hinges on a single click, yet the underlying reasons for that click have remained unchanged for decades, reflecting the enduring nature of human behavior in commerce. In B2B marketing, the landscape appears to evolve at breakneck speed with digital tools and data-driven tactics, but are these shifts as revolutionary as they seem? This